Описание
Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter.
Ссылки
- Third Party Advisory
- Release NotesThird Party Advisory
- ProductVendor Advisory
- Third Party Advisory
- Release NotesThird Party Advisory
- ProductVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:pydio:cells:2.2.9:*:*:*:-:*:*:*
cpe:2.3:a:pydio:cells:2.2.9:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 51%
0.0028
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter.
EPSS
Процентиль: 51%
0.0028
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22